… The caption from this article is derived from Proverbs 12:26 … one of many passages about relationships that are corroborated by the very first verse in the book of Psalms, which reads “Blessed is the man who does not walk in the counsel of the wicked or stand in the way of sinners or sit in the seat of mockers. ”
And this is the principal I’m applying to a friends website, who’s bulletin board is under attack from someone not-so-nice …
WARNING … what I’m about to explain can shoot your foot clean off and leave your website, or at least select directories of it, inaccessible. You have been WARNED … and for those of you using FrontPageee extensions … you might want to think thrice before implementing what I’m about to show you. So make backups, and if you don’t know how to make a back-up of your stuff … then DON’T PROCEED ANY FURTHER !
On my friends site, we have modified the .htaccess file in the directory that hosts the bulletin board with the following code:
<Limit GET POST>
order allow,deny allow from all deny from 63.173.184. deny from lan2wan.com
Basically what this says is that everyone is allowed to do everything they could do before, except for people dialing in from a block addresses 126.96.36.199 to 188.8.131.52 … by leaving off the last three numbers in the IP address (notice the period at the end of that address) … and anyone incoming from lan2wan.com … by entering a domain name. Oh yeah, for me to get this file to work, I had to set the privs to “-rw-r–r–”, that would be “chmod 644 .htaccess” in the world of *nix.
* WARNING * For those of you wishing to try this out, I STRONGLY suggest you create a new subdirectory with a simple “Hello World” page, then create/ammend the .htaccess file in THAT subdirectory … then test to see if your mileage does or does not vary.
If you want to block all your directories, then you need to chit-chat with your web host provider. If they’re running Apache with mod_access, they may be willing to do the same for you. I’ll do some homework later tonight or tomorrow on IIS … and ammend this article as appropriate.
But let’s say that this approach isn’t exactly what you want. Rather, you want to lovingly re-direct these neer-do-wells to more helpful sights and life affirming sights … then you probably want to do this programatically via PERL, Python, PHP or some other language possessing a cool animal on an O’Reilly publication. Well for the majority of you on Apache servers with mod_dir installed, you need to find out the order in which files in that directory are loaded. Yeah, I know, a bunch of Greeky-geek-speak.
But for those of you who understand, there are two places to look, httpd.conf, and/or mod_dir.c … the former of which would wrap directives for the later lookin like this:
DirectoryIndex index.html index.htm welcome.htm welcome.html index.php index.phps index.cgi index.shtml index.phtml index.php3
Yeah, I know … WAYYY to much technical information, but for those of you who just got the above, it just means making sure that you either change the order of the files above so your .PHP and/or .CGI runs first … make sure that directories with an index.cgi aren’t accompanied by an index.html.
Point is, you don’t have to put up with bad people doing bad things to your website. Moreover, by reproofing them you leave your resources open to the good, honest people seeking wisdom, instruction and training.
By-the-way you are NOT seeing double. This article was originally posted on 9-May-2002, but was one of the messages that got hammered due to the crash, and appearently was never restored. Since it is useful topic, I figured it a good thing to repost it. Hope you don’t mind.